| | CVE-2019-1195 |  Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1194 | Microsoft | high | 7.5 | 2.5%
| | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1193 | Microsoft | medium | 6.4 | 1.4%
| | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1192 | Microsoft | medium | 4.3 | 2.4%
| | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1161 | Microsoft | high | 7.1 | 0.6%
| | An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file delet… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1155 | Microsoft | high | 7.8 | 9.7%
| | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1153 | Microsoft | medium | 5.5 | 2.8%
| | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1151 | Microsoft | high | 8.8 | 28.4%
| | A remote code execution vulnerability exists when the Windows font library improperly handles specia… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1149 | Microsoft | high | 8.8 | 31.9%
| | A remote code execution vulnerability exists when the Windows font library improperly handles specia… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1148 | Microsoft | medium | 5.5 | 4.2%
| | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1141 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1140 | Microsoft | high | 8.8 | 4.7%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1139 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1133 | Microsoft | high | 7.5 | 4.0%
| | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1131 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1030 | Microsoft | medium | 4.3 | 17.8%
| | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly han… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-3800 |  ForgeRock | medium | 6.3 | — | | CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its… | Aug 5, 2019 | Nov 21, 2024 |
| | CVE-2019-14298 |  Veeam | medium | 5.4 | — | | Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or … | Jul 27, 2019 | Nov 21, 2024 |
| | CVE-2019-14297 | Veeam | medium | 5.4 | — | | Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to set… | Jul 27, 2019 | Nov 21, 2024 |
| | CVE-2019-13564 | ForgeRock | medium | 6.1 | — | | XSS exists in Ping Identity Agentless Integration Kit before 1.5. | Jul 11, 2019 | Nov 21, 2024 |
| | CVE-2017-14395 | ForgeRock | medium | 6.1 | — | | Auth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Manag… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2017-14394 | ForgeRock | medium | 6.1 | — | | OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Mana… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2019-5436 |  F5 | high | 7.8 | 13.3%
| | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libc… | May 28, 2019 | Apr 15, 2026 |
| | CVE-2019-11569 | Veeam | high | 8.8 | — | | Veeam ONE Reporter 9.5.0.3201 allows CSRF. | May 6, 2019 | Nov 21, 2024 |
| | CVE-2018-14634 | F5 | high | 7.8 | 25.7%
| ⚠ KEV | An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileg… | Sep 25, 2018 | Jan 27, 2026 |
| | CVE-2018-0296 |  Cisco | high | 7.5 | 94.4%
| ⚠ KEV | A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an u… | Jun 7, 2018 | Jan 14, 2026 |
| | CVE-2018-1000134 | ForgeRock | critical | 9.8 | — | | UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904… | Mar 16, 2018 | Nov 21, 2024 |
| | CVE-2018-0147 | Cisco | critical | 9.8 | 4.0%
| ⚠ KEV | A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to re… | Mar 8, 2018 | Jan 14, 2026 |
| | CVE-2018-7272 | ForgeRock | medium | 6.5 | — | | The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows att… | Feb 21, 2018 | Nov 21, 2024 |
| | CVE-2017-5641 |  Apache | critical | 9.8 | 48.5%
| | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allow… | Dec 28, 2017 | May 13, 2026 |
| | CVE-2017-6167 | F5 | high | 7.5 | 0.3%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6164 | F5 | high | 8.1 | 2.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6151 | F5 | high | 7.5 | 0.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6140 | F5 | high | 7.5 | 0.6%
| | On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 445… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6139 | F5 | medium | 5.9 | 0.4%
| | In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system ap… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6138 | F5 | high | 7.5 | 0.7%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6136 | F5 | medium | 5.9 | 0.6%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6135 | F5 | high | 7.5 | 0.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6134 | F5 | medium | 6.5 | 1.4%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6133 | F5 | high | 7.5 | 0.6%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6132 | F5 | high | 7.5 | 2.2%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6129 | F5 | high | 7.5 | 0.5%
| | In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumstances, APM tunneled VPN flows c… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-0304 | F5 | medium | 5.4 | 0.2%
| | A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-0301 | F5 | high | 7.6 | 0.1%
| | In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 1… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-4943 |  VMware | high | 7.8 | 0.0%
| | VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vu… | Dec 20, 2017 | May 13, 2026 |
| | CVE-2017-4941 | VMware | high | 8.8 | 4.8%
| | VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12… | Dec 20, 2017 | May 13, 2026 |
| | CVE-2017-4933 | VMware | high | 8.8 | 7.1%
| | VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x bef… | Dec 20, 2017 | May 13, 2026 |
| | CVE-2017-15700 | Apache | high | 8.8 | 0.2%
| | A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authenticat… | Dec 18, 2017 | May 13, 2026 |
| | CVE-2017-12630 | Apache | medium | 5.4 | 0.7%
| | In Apache Drill 1.11.0 and earlier when submitting form from Query page users are able to pass arbit… | Dec 18, 2017 | May 13, 2026 |
| | CVE-2017-17740 |  Trellix | high | 7.5 | 6.1%
| | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memb… | Dec 18, 2017 | May 13, 2026 |